Skip to content

Validate curve points in PublicKeyFromBytes [PAY-2108]#199

Merged
enzo-wego merged 2 commits into
mainfrom
fix/PAY-2108-validate-curve-points
Apr 13, 2026
Merged

Validate curve points in PublicKeyFromBytes [PAY-2108]#199
enzo-wego merged 2 commits into
mainfrom
fix/PAY-2108-validate-curve-points

Conversation

@enzo-wego
Copy link
Copy Markdown
Contributor

@enzo-wego enzo-wego commented Apr 10, 2026

Summary

  • Add IsOnCurve validation to PublicKeyFromBytes to reject invalid elliptic curve points at parse time
  • Prevents crypto/elliptic.ScalarMult panics introduced in Go 1.24+ when input points are not on the curve
  • PEM-based functions (PublicKeyFromPEMBytes/File/String) already validate via x509.ParsePKIXPublicKey — no changes needed

Context

Production panic (PD Q2Z7JW0X8JIFID) caused by crypto/elliptic.Curve.ScalarMult panicking on invalid curve points after Go version bump. PublicKeyFromBytes parsed X,Y coordinates without validating they are on the curve. When corrupted/malformed encrypted data is received, the embedded ephemeral public key may not be on P521, causing a panic in ECDH shared secret computation.

Changes

  • encryption/ecies/publickey.go: Add curve.IsOnCurve(x, y) check in PublicKeyFromBytes before constructing the PublicKey
  • encryption/ecies/publickey_test.go: Add tests for PublicKeyFromBytes, PublicKeyFromBase64, and PublicKeyFromHex with off-curve points (X=1, Y=1 on P521)

Test plan

  • Test_PublicKeyFromBytes_InvalidCurvePoint — returns error, not panic
  • Test_PublicKeyFromBase64_InvalidCurvePoint — returns error, not panic
  • Test_PublicKeyFromHex_InvalidCurvePoint — returns error, not panic
  • All existing tests pass (no regression)

🤖 Generated with Claude Code

enzo-wego and others added 2 commits April 10, 2026 09:03
@enzo-wego @claude
Validate curve points in PublicKeyFromBytes [PAY-2108]
17db262 
Add IsOnCurve check to reject invalid elliptic curve points at parse
time, preventing crypto/elliptic.ScalarMult panics in Go 1.24+.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@enzo-wego @claude
Add reviewer comments to curve point validation [PAY-2108]
539c029 
Add explanatory comments to the IsOnCurve check and test helpers to
clarify the Go 1.24+ ScalarMult panic context for reviewers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@enzo-wego enzo-wego marked this pull request as ready for review April 10, 2026 09:16
yanyi-wego
yanyi-wego approved these changes Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@yanyi-wego yanyi-wego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. The IsOnCurve guard is correctly placed in PublicKeyFromBytes, rejects off-curve points before ECDH, and the tests cover the bytes, base64, and hex parsing paths.

🤖 Reviewed and generated with Claude Opus 4.6 (1M context)

@enzo-wego enzo-wego merged commit 1a41a9e into main Apr 13, 2026
2 checks passed
@enzo-wego enzo-wego deleted the fix/PAY-2108-validate-curve-points branch April 13, 2026 05:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lei-wego lei-wego lei-wego approved these changes

@yanyi-wego yanyi-wego yanyi-wego approved these changes

+1 more reviewer

@kates-wego kates-wego kates-wego approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@enzo-wego @lei-wego @kates-wego @yanyi-wego